Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-19 03:01:59 +10:00
Code Issues Packages Projects Releases Wiki Activity

feat: prevent signing when expired

Browse Source
This commit is contained in:
Ephraim Atta-Duncan
2024-11-17 12:12:27 +00:00
parent 79d0cd7de5
commit 316dbee446
5 changed files with 146 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
apps/web/src/app/(signing)/sign/[token]/expired/page.tsx Normal file
View File

@ -0,0 +1,99 @@
import Link from 'next/link';
import { notFound } from 'next/navigation';
import { Trans } from '@lingui/macro';
import { Clock } from 'lucide-react';
import { setupI18nSSR } from '@documenso/lib/client-only/providers/i18n.server';
import { getServerComponentSession } from '@documenso/lib/next-auth/get-server-component-session';
import { getDocumentAndSenderByToken } from '@documenso/lib/server-only/document/get-document-by-token';
import { isRecipientAuthorized } from '@documenso/lib/server-only/document/is-recipient-authorized';
import { getRecipientByToken } from '@documenso/lib/server-only/recipient/get-recipient-by-token';
import { Badge } from '@documenso/ui/primitives/badge';
import { Button } from '@documenso/ui/primitives/button';
import { truncateTitle } from '~/helpers/truncate-title';
import { SigningAuthPageView } from '../signing-auth-page';
export type ExpiredSigningPageProps = {
params: {
token?: string;
};
};
export default async function ExpiredSigningPage({ params: { token } }: ExpiredSigningPageProps) {
await setupI18nSSR();
if (!token) {
return notFound();
}
const { user } = await getServerComponentSession();
const document = await getDocumentAndSenderByToken({
token,
requireAccessAuth: false,
}).catch(() => null);
if (!document) {
return notFound();
}
const truncatedTitle = truncateTitle(document.title);
const recipient = await getRecipientByToken({ token }).catch(() => null);
if (!recipient) {
return notFound();
}
const isDocumentAccessValid = await isRecipientAuthorized({
type: 'ACCESS',
documentAuthOptions: document.authOptions,
recipient,
userId: user?.id,
});
if (!isDocumentAccessValid) {
return <SigningAuthPageView email={recipient.email} />;
}
return (
<div className="flex flex-col items-center pt-24 lg:pt-36 xl:pt-44">
<Badge variant="neutral" size="default" className="mb-6 rounded-xl border bg-transparent">
{truncatedTitle}
</Badge>
<div className="flex flex-col items-center">
<div className="flex items-center gap-x-4">
<Clock className="text-destructive h-10 w-10" />
<h2 className="max-w-[35ch] text-center text-2xl font-semibold leading-normal md:text-3xl lg:text-4xl">
<Trans>Document Expired</Trans>
</h2>
</div>
<div className="text-destructive mt-4 flex items-center text-center text-sm">
<Trans>This document has expired and is no longer available to sign</Trans>
</div>
<p className="text-muted-foreground mt-6 max-w-[60ch] text-center text-sm">
<Trans>
{/* TODO: send email to owner when a user tried to sign an expired document??? */}
The document owner has been notified. They may send you a new signing link if required.
</Trans>
</p>
<p className="text-muted-foreground mt-2 max-w-[60ch] text-center text-sm">
<Trans>No further action is required from you at this time.</Trans>
</p>
{user && (
<Button className="mt-6" asChild>
<Link href={`/`}>Return Home</Link>
</Button>
)}
</div>
</div>
);
}

17
apps/web/src/app/(signing)/sign/[token]/page.tsx
View File

@ -12,6 +12,7 @@ import { getFieldsForToken } from '@documenso/lib/server-only/field/get-fields-f
import { getIsRecipientsTurnToSign } from '@documenso/lib/server-only/recipient/get-is-recipient-turn';
import { getRecipientByToken } from '@documenso/lib/server-only/recipient/get-recipient-by-token';
import { getRecipientSignatures } from '@documenso/lib/server-only/recipient/get-recipient-signatures';
import { isRecipientExpired } from '@documenso/lib/server-only/recipient/is-recipient-expired';
import { getUserByEmail } from '@documenso/lib/server-only/user/get-user-by-email';
import { symmetricDecrypt } from '@documenso/lib/universal/crypto';
import { extractNextHeaderRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
@ -43,6 +44,16 @@ export default async function SigningPage({ params: { token } }: SigningPageProp
const requestMetadata = extractNextHeaderRequestMetadata(requestHeaders);
const isExpired = await isRecipientExpired({ token });
if (isExpired) {
return redirect(`/sign/${token}/expired`);
}
const isRecipientsTurn = await getIsRecipientsTurnToSign({ token });
if (!isRecipientsTurn) {
return redirect(`/sign/${token}/waiting`);
}
const [document, fields, recipient, completedFields] = await Promise.all([
getDocumentAndSenderByToken({
token,
@ -63,12 +74,6 @@ export default async function SigningPage({ params: { token } }: SigningPageProp
return notFound();
}
const isRecipientsTurn = await getIsRecipientsTurnToSign({ token });
if (!isRecipientsTurn) {
return redirect(`/sign/${token}/waiting`);
}
const { derivedRecipientAccessAuth } = extractDocumentAuthMethods({
documentAuth: document.authOptions,
recipientAuth: recipient.authOptions,

12
apps/web/src/app/(signing)/sign/[token]/rejected/page.tsx
View File

@ -8,9 +8,7 @@ import { setupI18nSSR } from '@documenso/lib/client-only/providers/i18n.server';
import { getServerComponentSession } from '@documenso/lib/next-auth/get-server-component-session';
import { getDocumentAndSenderByToken } from '@documenso/lib/server-only/document/get-document-by-token';
import { isRecipientAuthorized } from '@documenso/lib/server-only/document/is-recipient-authorized';
import { getFieldsForToken } from '@documenso/lib/server-only/field/get-fields-for-token';
import { getRecipientByToken } from '@documenso/lib/server-only/recipient/get-recipient-by-token';
import { FieldType } from '@documenso/prisma/client';
import { Badge } from '@documenso/ui/primitives/badge';
import { Button } from '@documenso/ui/primitives/button';
@ -44,10 +42,7 @@ export default async function RejectedSigningPage({ params: { token } }: Rejecte
const truncatedTitle = truncateTitle(document.title);
const [fields, recipient] = await Promise.all([
getFieldsForToken({ token }),
getRecipientByToken({ token }).catch(() => null),
]);
const recipient = await getRecipientByToken({ token }).catch(() => null);
if (!recipient) {
return notFound();
@ -64,11 +59,6 @@ export default async function RejectedSigningPage({ params: { token } }: Rejecte
return <SigningAuthPageView email={recipient.email} />;
}
const recipientName =
recipient.name ||
fields.find((field) => field.type === FieldType.NAME)?.customText ||
recipient.email;
return (
<div className="flex flex-col items-center pt-24 lg:pt-36 xl:pt-44">
<Badge variant="neutral" size="default" className="mb-6 rounded-xl border bg-transparent">

34
packages/lib/server-only/recipient/is-recipient-expired.ts Normal file
View File

@ -0,0 +1,34 @@
import { prisma } from '@documenso/prisma';
import { SigningStatus } from '@documenso/prisma/client';
export type IsRecipientExpiredOptions = {
token: string;
};
export const isRecipientExpired = async ({ token }: IsRecipientExpiredOptions) => {
const recipient = await prisma.recipient.findFirst({
where: {
token,
},
});
if (!recipient) {
throw new Error('Recipient not found');
}
const now = new Date();
const hasExpired = recipient.expired && new Date(recipient.expired) <= now;
if (hasExpired && recipient.signingStatus !== SigningStatus.EXPIRED) {
await prisma.recipient.update({
where: {
id: recipient.id,
},
data: {
signingStatus: SigningStatus.EXPIRED,
},
});
}
return hasExpired;
};

1
packages/ui/primitives/document-flow/signer-action-dropdown.tsx
View File

@ -53,6 +53,7 @@ export function SignerActionDropdown({
</DropdownMenuContent>
</DropdownMenu>
</div>
<DocumentExpiryDialog
open={isExpiryDialogOpen}
onOpenChange={setExpiryDialogOpen}